EUVD-2021-1989
Malware in sbrugna...
Fixed in Apache Tomcat 11.0.9
Low: DoS due to overflow in file upload limit (CVE-2025-52520). For some unlikely configurations of multipart upload, an integer overflow vulnerability could lead to a DoS via bypassing of size limits. This was fixed with commit a51e4bed. This issue was reported to the Tomcat security team on 7 June...
Fixed in Apache Tomcat 10.1.43
Low: DoS due to overflow in file upload limit (CVE-2025-52520). For some unlikely configurations of multipart upload, an integer overflow vulnerability could lead to a DoS via bypassing of size limits. This was fixed with commit fc42bbcc. This issue was reported to the Tomcat security team on 7 June...
Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h13 / 10.2.x < 10.2.15 / 11.1.x < 11.1.8 / 11.2.x < 11.2.6 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h13 or 10.2.x prior to 10.2.15 or 11.1.x prior to 11.1.8 or 11.2.x prior to 11.2.6. It is, therefore, affected by a vulnerability. A vulnerability in the Palo Alto Networks PAN-OS software enables...
CVE-2021-39204
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versio...
USN-7109-1: Go vulnerabilities
Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. CVE-2022-41723 Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this...
USN-7067-1: HAProxy vulnerability
It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...
Ubuntu 18.04 LTS : HAProxy vulnerability (USN-7067-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7067-1 advisory. It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to...
Important: tomcat9
Issue Overview: Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn l...
Apache Tomcat 11.0.0.M1 < 11.0.0.M21
The version of Tomcat installed on the remote host is prior to 11.0.0.M21. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat11.0.0-m21security-11 advisory. - Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache...
PT-2024-5694
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M1 through 11.0.0-M20; Apache Tomcat versions 10.1.0-M1 through 10.1.24; Apache Tomcat versions 9.0.0-M1 through 9.0.89. Description: The issue is related to the improper handling of exceptional conditions and...
GHSA-5WJF-62HW-Q78R Excessive CPU usage
Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. Impact: This can result in a DoS condition. Patches: Pomerium versions 0.14.8 and 0.15.1 contain an upgraded...
CVE-2021-32778 Excessive CPU utilization when closing HTTP/2 streams
Envoy is an open source L7 proxy and communication bus designed for large modern service-oriented architectures. In affected versions Envoy's procedure for resetting an HTTP/2 stream has O(N^2) complexity, leading to high CPU utilization when a large number of streams are reset. Deployments are...
Ubuntu: Security Advisory (USN-4596-1)
The remote host is missing an update for the... (Description text excerpted from the referenced Greenbone check script. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.)